spatie/security-advisories-health-check

A Laravel Health check to security advisories for PHP packages

Fund package maintenance!
spatie

Installs: 1 162 703

Dependents: 5

Suggesters: 0

Security: 0

Stars: 43

Watchers: 2

Forks: 7

pkg:composer/spatie/security-advisories-health-check

1.3.0 2025-09-28 19:10 UTC

This package is auto-updated.

Last update: 2025-10-02 14:36:06 UTC


README

Latest Version on Packagist Total Downloads

This package contains a Laravel Health check that can report any known security issues with the installed PHP packages in your application.

The security advisories are fetched from Packagist and are sourced from GitHub and other sources.

Usage

You can register this check, typically this happens in a service provider:

use Spatie\Health\Facades\Health;
use Spatie\SecurityAdvisoriesHealthCheck\SecurityAdvisoriesCheck;

Health::checks([
    SecurityAdvisoriesCheck::new()->retryTimes(5),
]);

Caching

By default, this package will make an HTTP request to Packagist every time the health check runs. To reduce API calls and improve performance, you can enable caching by calling cacheResultsForMinutes():

use Spatie\Health\Facades\Health;
use Spatie\SecurityAdvisoriesHealthCheck\SecurityAdvisoriesCheck;

Health::checks([
    SecurityAdvisoriesCheck::new()
        ->retryTimes(5)
        ->cacheResultsForMinutes(60),     // Enables caching for 1 hour
]);

The package uses Laravel's default cache driver.

Configuration Options

SecurityAdvisoriesCheck::new()
    ->retryTimes(3)                     // Number of retry attempts on failure
    ->cacheResultsForMinutes(120)       // Cache duration in minutes
    ->ignorePackage('vendor/package')   // Ignore specific packages
    ->ignoredPackages([                 // Ignore multiple packages
        'vendor/package1',
        'vendor/package2'
    ]);

Documentation

The documentation of this package is available inside the docs of Laravel Health.

Support us

We invest a lot of resources into creating best in class open source packages. You can support us by buying one of our paid products.

We highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using. You'll find our address on our contact page. We publish all received postcards on our virtual postcard wall.

Testing

composer test

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

License

The MIT License (MIT). Please see License File for more information.